At Sirius we've just completed the migration of our corporate website from Joomla! to Drupal. There are many discussions of the relative merits of Drupal and Joomla!, but we thought it would be interesting to discuss what we've learned.
Joomla! and Drupal superficially claim to do the same sort of job. Both allow you to get a well structured website supporting multiple contributors up and running quickly and easily. If anything, Joomla! is probably the more straightforward of the two to set-up. It's very easy to get near-instant gratification from a Joomla! deployment while you're still knee-deep in Drupal's 'blocks', 'views' and 'taxonomies'.
Our Joomla! based site served us well for three years but as our need for new features grew, so did the arguments for switching to Drupal. While both Drupal and Joomla! offer a thriving market for third-party extensions, we felt that Drupal's architecture was better suited to us.
In any system there is a trade-off between simplicity and flexibility. As noted above, Joomla! is probably the quicker of the two systems to set-up, but the flip-side is that it makes more assumptions about the nature of your site whereas Drupal encourages you to make those decisions for yourself.
Although the plans for Joomla 1.6 are reputed to include ACL features, Joomla 1.5 simply divides users into Public, Register and Special.
For many sites this is sufficient, but for our needs it's too coarse. A free extension called noixACL is available which adds multiple group membership and fine-grained, generic ACL facility but the lack of support for this concept in Joomla!'s core makes it a difficult solution to administer.
For example, controlling access to menu administration effectively comes down to blocking or allowing various values of the "task" CGI variable. Unfortunately "task" is part of the internals of a module, not its public API. It can contain useful values such as "edit" or "view" but also less elegant ones such as "orderup", "orderdown", "accesspublic" or "accessspecial". You don't want to grant separate permissions for moving a menu item up and moving it back down! Also, because the values of these tasks are also conceptually private data for a module there is no obligation for them to remain constant - from one release to the next "trash" might change to "delete". NoixACL's "adapter" for these actions needs to track these changes and this is a major maintenance headache.
Drupal, by contrast, has core-level support for ACLs which is very elegant. It requires extensions to register the actions they allow users to perform and has a centralised tool for associating these actions with "roles" and and assigning different (and multiple) roles to different users. The names of these actions are explicitly part of a module's public API and so they tend to be meaningfully named and don't change between releases.
In Joomla! you effectively have a predefined set of content types which behave in fixed ways. Extra content types can be added by installing extension modules but these modules are have no generic way of being aware of and interacting with each other. For example, it is often the case that the category structures have to be defined separately for each content type, especially where something more complex than Joomla!'s two-level Section-Category hierarchy, is insufficient. In effect individual modules act as miniature applications in themselves with their own structures, permissioning and management interfaces.
With Drupal, you use something called CCK (Content Construction Kit) to define new content types at a much finer level with their own metadata, workflows, permissioning and processing. The site administrator is then responsible for using these content types to build 'views' - ordering the processing filter pipelines explicitly and pumping them out as dynamic 'pages' or 'blocks'. It's more work to implement but the result is that content types can be treated by extensions as homogeneous, opaque objects.
The Bottom Line
Essentially, the Joomla! vs Drupal decision comes down to a question of requirements. While your needs are met by Joomla!'s basic features and a few chosen extensions, it remains an easy to administer system.
But as you start to deviate from the structure that Joomla! provides out-of-the-box, and particularly when you start to have more complex content and user types, Drupal pays off the extra effort.
One common misconception is that Drupal is difficult to theme. The simple answer to that is 'not necessarily'. As with Joomla!, templates can be purchased online but we found that with a little CSS fu, existing free templates could be massaged to get excellent results.
Finally the increasing number of 'commercial' Joomla! extensions was becoming a real bugbear for us. It really grates to have to pay for plugins that more often as not you can't QA the sourcecode because they're encrypted. By contrast every single Drupal module we've used is free and open source. Together these reasons make Drupal far more attractive to professional web developers. You get far more control and somebody else isn't eating into your profit margin.